package com.dingwen.spsest.controller;

import com.dingwen.spsest.entity.UserEntity;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.access.prepost.PreFilter;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;

/**
 * @author dingwen
 * 2021.05.17 15:36
 */
@Controller
@RequestMapping("")
public class IndexController {

    /**
     * 登录
     *
     * @return {@link String}
     */
    @GetMapping("/index")
    public String login() {
        return "index";
    }

    /**
     * 找到所有
     *
     * @return {@link String}
     */
    @GetMapping("/findAll")
    @ResponseBody
    public String findAll() {
        return "findAll";
    }

    /**
     * 查询单个
     *
     * @return {@link String}
     */
    @GetMapping("/find")
    @ResponseBody
    public String find() {
        return "find";
    }

    /**
     * 登录成功
     *
     * @return {@link String}
     */
    @PostMapping("/success")
    @ResponseBody
    public String success(HttpServletResponse response) throws ServletException, IOException {
        response.sendRedirect("http://www.baidu.com");
        return "success";
    }


    /**
     * 登录失败
     *
     * @return {@link String}
     */
    @PostMapping("/fail")
    @ResponseBody
    public String fail() {
        return "fail";
    }

    /**
     * 403页面
     *
     * @return {@link String}
     */
    @GetMapping("/forbidden")
    public String forbidden() {
        return "forbidden";
    }

    @GetMapping("/test1")
    @ResponseBody
    public String test1() {
        return "test1";
    }

    @GetMapping("/test2")
    @ResponseBody
    public String test2() {
        return "test2";
    }


    /**
     * ·@secured ·注解测试测试
     *
     * @return {@link String}
     */
    @GetMapping("/secured")
    @ResponseBody
    @Secured({"ROLE_管理员", "ROLE_user"})
    public String securedTest() {
        return "secured test";
    }


    /**
     * .@PreAuthorize 注解测试
     *
     * @return {@link String}
     */
    @GetMapping("/preAuthorize")
    @ResponseBody
//    @PreAuthorize("hasRole('ROLE_管理员')")
    @PreAuthorize("hasAnyAuthority('menu:system')")
    public String preAuthorizeTest() {
        return "preAuthorize test";
    }


    /**
     * .@PostAuthorize 注解测试
     *
     * @return {@link String}
     */
    @GetMapping("/postAuthorize")
    @ResponseBody
    @PostAuthorize("hasAnyAuthority('menu:user')")
    public String postAuthorizeTest() {
        return "postAuthorize test";
    }

    /**
     * `@PostFilter 注解测试
     *
     * @return {@link List<UserEntity>}
     */
    @GetMapping("/postFilter")
    @ResponseBody
    @PreAuthorize("hasAnyRole('ROLE_管理员')")
    @PostFilter("filterObject.username == 'dingwen'")
    public List<UserEntity> postFilterTest() {
        List<UserEntity> userEntityList = new ArrayList<>();
        userEntityList.add(UserEntity.builder().username("test").build());
        userEntityList.add(UserEntity.builder().username("dingwen").build());
        return userEntityList;
    }

    /**
     * `@PreFilter 注解测试
     *
     * @param userEntityList 用户实体列表
     */
    @GetMapping("/preFilter")
    @ResponseBody
    @Secured({"ROLE_管理员"})
    @PreFilter(value = "filterObject.username == 'dingwen'")
    public void preFilterTest(List<UserEntity> userEntityList){
        System.out.println();
    }

}
